Lucene search

Mcgallery Security Vulnerabilities

cve

CVE-2008-6211

Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, and (7) show.php. NOTE: the...

6.2AI Score

0.002EPSS

2009-02-20 01:30 AM

cve

CVE-2007-1478

download.php in McGallery 0.5b allows remote attackers to read arbitrary files and obtain script source code via the filename...

7AI Score

0.01EPSS

2007-03-16 09:19 PM

cve

CVE-2005-1997

show.php in McGallery 1.1 allows remote attackers to connect to arbitrary databases, or gain sensitive information by triggering an error, via a modified host...

7.4AI Score

0.007EPSS

2005-06-15 04:00 AM

cve

CVE-2005-1998

Directory traversal vulnerability in admin.php in McGallery 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang...

7.4AI Score

0.02EPSS

2005-06-15 04:00 AM